samedit and Win2k mixed mode DC

Ignacio Coupeau icoupeau at unav.es
Thu Jan 4 17:20:13 GMT 2001 

Gerald Carter wrote:
> 
> Gerald Carter wrote:
> >
> > Folks,
> >
> > Has anyone tried using samedit from APPLIANCE_TNG to join
> > a domain controlled by a Win2k mixed mode DC?

I think don't runs with TNG-good 2.5 ... 

1. first I tried to join to "ad" domain:
---
[root at bilbo bin]# samedit -S . -U root    
added interface ip=159.237.12.42 bcast=159.237.12.255
nmask=255.255.255.0
Enter Password:<NULL>
[root at .]$ createuser bilbo$ -j ad
createuser bilbo$ -j ad
SAM Create Domain User
Got a positive name query response from 159.237.12.115 ( 159.237.12.115
)
1st session setup ok
2nd session setup ok
ncacn_np_use_add: connection failed
could not find SID for domain ad

2. The local stored sid:
----
TNG 2.5 (linux, bilbo$) as WS:

../private/BILBO.SID
::::::::::::::
S-1-5-21-217154924-2499287137-3896835577
---

3. Te AD sids:
[root at bilbo samba_tng]# grep S-1 /home/icoupeau/AD/16
dn: CN=S-1-5-11,CN=ForeignSecurityPrincipals,DC=ad,DC=cti,DC=unav,DC=es
cn: S-1-5-11
 CN=S-1-5-11,CN=ForeignSecurityPrincipals,DC=ad,DC=cti,DC=unav,DC=es
name: S-1-5-11
dn: CN=S-1-5-4,CN=ForeignSecurityPrincipals,DC=ad,DC=cti,DC=unav,DC=es
cn: S-1-5-4
 CN=S-1-5-4,CN=ForeignSecurityPrincipals,DC=ad,DC=cti,DC=unav,DC=es
name: S-1-5-4
dn: CN=S-1-1-0,CN=ForeignSecurityPrincipals,DC=ad,DC=cti,DC=unav,DC=es
cn: S-1-1-0
 CN=S-1-1-0,CN=ForeignSecurityPrincipals,DC=ad,DC=cti,DC=unav,DC=es
name: S-1-1-0
member:
CN=S-1-5-4,CN=ForeignSecurityPrincipals,DC=ad,DC=cti,DC=unav,DC=es
member:
CN=S-1-5-11,CN=ForeignSecurityPrincipals,DC=ad,DC=cti,DC=unav,DC=es
member:
CN=S-1-1-0,CN=ForeignSecurityPrincipals,DC=ad,DC=cti,DC=unav,DC=es
-- 

4. A logon (mount a share):
icb is my WS, I tried to connect bilbo:
--
==> var/log.icb <==
Transaction 1 of length 174
switch message SMBnegprot (pid 648)
Requested protocol [PC NETWORK PROGRAM 1.0]
Requested protocol [XENIX CORE]
Requested protocol [MICROSOFT NETWORKS 1.03]
Requested protocol [LANMAN1.0]
Requested protocol [Windows for Workgroups 3.1a]
Requested protocol [LM1.2X002]
Requested protocol [LANMAN2.1]
Requested protocol [NT LM 0.12]
Selected protocol NT LM 0.12
Transaction 2 of length 190
switch message SMBsesssetupX (pid 648)
passlen: 24 24 Domain=[ICB]  NativeOS=[Windows NT 1381] NativeLanMan=[]
sesssetupX:name=[icoupeau]
domain_client_validate: could not find domain ICB, using local SAM
root is in 8 groups: 0, 1, 2, 3, 4, 6, 10, 103
uid 0 registered to name root
Clearing default real name
uid 0 vuid 100 registered to unix name root
socket connect to /usr/local/etc/samba_tng/var/locks/.msrpc/lsarpc
failed: Connection refused
ncalrpc_l_establish_connection: failed lsarpc)
ncalrpc_l_use_add: connection failed
SMB LM/NT Password did not match!
Rejecting user 'icoupeau': authentication failed
32 bit error packet at line 494 cmd=115 (SMBsesssetupX) eclass=c000006d
[Error: Unknown error (109,49152)]
error string = Connection refused
end of file from client
Closing connections
Server exit (normal exit)


-- 
____________________________________________________
Ignacio Coupeau, Ph.D.     e-mail: icoupeau at unav.es
CTI, Director              fax:    948 425619
University of Navarra      voice:  948 425600
Pamplona, SPAIN            http://www.unav.es/cti/

More information about the samba-technical mailing list